Date: Mon, 13 Jan 2003 15:40:51 +0100 From: "Ronan LE NOZACH" <ronan.lenozach@cis-consultants.com> To: "Andriy Gapon" <agapon@excite.com> Cc: <freebsd-security@FreeBSD.ORG> Subject: =?utf-8?Q?RE=C2=A0:_IPsec_in_tunnel_mode_between_Windows_2000_and_FreeBSD?= Message-ID: <0690CF9CCB18EE4EB57E4E26A0CEC7BB0EF21E@cis2ks01.cis-consultants>
next in thread | raw e-mail | index | archive | help
Thank you for this information Andriy, I did some other tests and it works fine now. If found out my problem was that phase II life duration expected by Windows was 300 sec and lifetime proposal sent by racoon was 30 sec ! Ronan Le Nozach CIS Consultants Paris France -------- Message d'origine-------- De: Andriy Gapon [mailto:agapon@excite.com] Date: jeu. 09/01/2003 20:10 À: Ronan LE NOZACH Cc: freebsd-security@FreeBSD.ORG Objet: Re: IPsec in tunnel mode between Windows 2000 and FreeBSD Ronan, I have here a well-functioning IPSec tunnel between Win2K leaf-node host and FreeBSD router to the Internet. There are quite a few tutorials on this topic on the www, the most important trick for tunnel mode (vs. transport mode) is to have two separate policies on Win2K - for incoming and outgoing packets (i.e. "mirror" option should not be used). Racoon log may provide more hints, you should be able to find a message where it complaints. -- Andriy Gapon * Broadcast Message from wnpdev21 (pts/tg) Wed Jan 8 09:12:47... replacing the jar - krishna 3931 ------------------------------------------------------------------ Ce message et les eventuelles pieces jointes sont confidentiels ou appartenant a CIS Consultants et etablis a l'intention exclusive de ses destinataires. Toute divulgation, utilisation, diffusion ou reproduction (totale ou partielle) non-autorisee de ce message, ou des informations qu'il contient, est interdite. Tout message electronique est susceptible d'alteration. CIS Consultants decline toute responsabilite au titre de ce message s'il a ete modifie ou falsifie. ------------------------------------------------------------------ This e-mail and any attachments contain confidential information belonging to CIS Consultants and are intended solely for the addressees. Any unauthorized disclosure, use, dissemination or copying (either whole or partial) of this e-mail, or any information it contains, is prohibited. E-mails are susceptible to alteration. Neither CIS Consultants shall be liable for the message if altered or falsified. ------------------------------------------------------------------ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0690CF9CCB18EE4EB57E4E26A0CEC7BB0EF21E>